Security GRC Senior Analyst

Euronet facilitates the movement of payments around the world and serves as a critical link between our partners – financial institutions, retailers, service providers – and their end consumers, both locally and globally. 

We’re looking for a Security GRC Senior Analyst to help lead and mature our security governance, risk, and compliance programs across multiple business units, including CoreCard, EUSA, EFT Americas, and Euronet Services LLC.

This is asenior individual contributor role for someone who enjoys rolling up their sleeves, partnering with the business, and keeping security programs audit-ready, customer-aligned, and operationally effective.

This role will be based in Atalanta on-site or in Leawood, KS.

What You’ll Do

• Own and continuously improve security governance and compliance programs across assigned entities
• Lead audit and certification efforts (PCI DSS, ISO 27001, SOC, SOX ITGC, Internal Audit), including readiness, evidence, and remediation tracking
• Act as the primary liaison for auditors, control owners, and leadership
• Identify and manage entity-level security risks, contributing directly to Enterprise Risk Assessments (ERA)
• Coordinate third-party and vendor security risk activities using OneTrust
• Own customer security compliance, ensuring contractual requirements align to internal controls and evidence
• Maintain dashboards, metrics, and reporting in GRC tools (Hyperproof, OneTrust, Fence)
• Partner cross-functionally with IT, Engineering, Legal, Privacy, Procurement, and Audit teams
• Collaborate withglobal GRC leadership on shared initiatives

What Success Looks Like

• Continuous audit readiness with minimal fire drills
• Audits completed on time with no coverage gaps
• Clear ownership and timely remediation of control gaps and vendor risks
• Business teams understand and own their compliance responsibilities
• Customer security obligations are consistently met with strong evidence

Requirements

• Bachelor’s degree or equivalent GRC/security experience

• 3+ years in Security GRC, IT audit, or compliance program management
• Working knowledge of PCI DSS, SOX, SOC, ISO 27001, NIST CSF, or similar frameworks
• Experience managing audits, evidence, and control remediation
• Strong communication skills across technical and non-technical teams
• Ability to juggle priorities in a multi-entity, distributed environment
• Up to 30% domestic US travel and could include minimal international travel

Nice to Have

• Experience with OneTrust, Hyperproof, or similar GRC platforms
• Background in financial services, payments, or regulated industries
• Vendor risk management experience

Benefits

• 401(k) Plan
• Health/Dental/Vision Insurance
• Employee Stock Purchase Plan
• Company-paid Life Insurance
• Company-paid disability insurance
• Tuition Reimbursement
• Paid Time Off
• Paid Volunteer Days
• Paid Holidays
• Casual Office Attire
• Plus many more employee perks & incentives!

We are an Equal Opportunity Employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, or national origin, age, disability status, genetic information, protected veteran status, or any other characteristic protected by law.

All application materials including that which is submitted on our applicant tracking system, including resumes, cover letters, and responses, must accurately reflect your own qualifications and experience. The use of any false or misleading content - including any information that is created through the use of AI that is not a true and accurate description of your skills, qualifications, or experience - is strictly prohibited. By submitting your application, you certify that all information provided is truthful and created by you. Any violation may result in disqualification from the recruitment process. If your employment has already begun and it is later discovered that you misrepresented your skills or qualifications, whether through false information or AI‑generated content, this may result in disciplinary action toward you, including but not limited to the termination of your employment.